Microsoft Finally Puts an End to Necurs, the Botnet that Infected 9 Million PCs

Microsoft has recently announced that it is putting an end to Necurs, the most dangerous botnet in recent years. Microsoft’s cyber-security campaign continues. Cyber Threat Intelligence in collaboration with 35 other countries is preparing to end the Necurs botnet located in the US that has Russian origins and has infected around nine million PCs globally and distributed different kinds of malware every day.

The US District Court for the Easters District of New York issued an order on March 5^th allowing Microsoft to take control of the infrastructure used by Necurs to distribute malware and infect the victim’s computers with a virus. With the legal action and collaborative effort that involves public and private partnerships around the world; Microsoft is conducting activities that will prevent the criminals responsible for Necurs from registering any new domains for attacks in the future. Microsoft monitors close to 30 billion logins by over a billion users every day. Based on the latest security statistics, PCs that are infected do not use accounts with two or more factor authentication in 99 per cent of the cases. The remaining greatly limits the chances of being victims of cyber-attacks that leverage the fragility of user passwords.

GizChina has commented, “This was accomplished by analyzing a technique used by Necurs to systematically generate new domains through an algorithm. We were then able to accurately predict over six million unique domains that would be created in the next 25 months. Microsoft said that these domains to their respective registries in countries around the world so the websites can be blocked and thus prevented from becoming part of the Necurs infrastructure. By taking control of existing websites and inhibiting the ability to register new ones, we have significantly disrupted the botnet.”